Admin Console Authentication

There are three ways to configure authentication for the Token Server Admin Console: LDAP, in-memory and header authentication. All three authenticators can be used together and they are applied in the following order:

  1. header
  2. in-memory
  3. LDAP

At least one of the authenticators needs to be enabled for valid configuration.

For instance if in-memory authentication fails the LDAP authentication is triggered.

When using LDAP or in-memory authentication, the user fills in the credentials in the login page of the admin console. For the header authenticator, credentials are provided via request headers.

The details of how to configure each authenticator are placed in subsections.

Warning: We strongly advise to use either LDAP or header authentication in production environments as the authentication mechanism. The in-memory authenticator should only be used for testing purposes.